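I've run into a problem with JAAS and JBoss. I'm trying to use form-based authentication against a database, but JBoss tells me the password is wrong (no, the password is correct), whereas if I use UsersRolesLoginModule with properties files, there is no problem.
With the pg database in debug mode, JBoss's query looks fine. The passwords in the database are currently plain text (no hashing).
Here is my login-config.xml file: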
<application-policy name = "AP">
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
<module-option name = "dsJndiName">java:/authDS</module-option>
<module-option name = "principalsQuery">SELECT password FROM users WHERE login = ?</module-option>
<module-option name = "rolesQuery">SELECT roles.name AS roles FROM roles WHERE roles.id IN
(SELECT users_roles.roleid FROM users_roles WHERE users_roles.userid IN
(SELECT users.id FROM users WHERE login = ?))</module-option>
<!-- <module-option name="hashAlgorithm">MD5</module-option> -->
<!-- <module-option name="hashEncoding">base64</module-option> -->
<!-- <module-option name="hashEncoding">HEX</module-option> -->
<!-- <module-option name="hashAlgorithm">SHA-1</module-option> -->
<!-- <module-option name="digestCallback">com.myclass.MyDigestCallback</module-option>-->
</login-module>
</authentication>
</application-policy>
The web.xml file:
<security-constraint>
<web-resource-collection>
<web-resource-name>Restrict Access</web-resource-name>
<description></description>
<url-pattern>/admin/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>AdminRole</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>ASM AD Authentication</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/login.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>AdminRole</role-name>
</security-role>
In jboss-web.xml:
<jboss-web>
<security-domain>java:/jaas/Admin</security-domain>
</jboss-web>
login.jsp:
<form method="post" action="j_security_check">
<fieldset>
<legend>Login</legend>
<p>
<label for="form-username">Username</label>
<input type="text" name="j_username" id="form-username" />
</p>
<p>
<label for="form-password">Password</label>
<input type="password" name="j_password" id="form-password" />
</p>
<p>
<input type="submit" value="GO" />
</p>
</fieldset>
</form>
Answer 0 (score: 1)
<application-policy name = "AP"> change to <application-policy name = "Admin">
OR
<security-domain>java:/jaas/Admin</security-domain> change to
<security-domain>java:/jaas/AP</security-domain>
Answer 1 (score: 1)
Can you do something like this?
<application-policy name = "AP">
<authentication>
<login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
<module-option name = "dsJndiName">java:/authDS</module-option>
<module-option name = "principalsQuery">SELECT password FROM users WHERE login = ? and idcompania=? </module-option>
<module-option name = "rolesQuery">SELECT roles.name AS roles FROM roles WHERE roles.id IN
(SELECT users_roles.roleid FROM users_roles WHERE users_roles.userid IN
(SELECT users.id FROM users WHERE login = ? and idcompania=? ))</module-option>
<!-- <module-option name="hashAlgorithm">MD5</module-option> -->
<!-- <module-option name="hashEncoding">base64</module-option> -->
<!-- <module-option name="hashEncoding">HEX</module-option> -->
<!-- <module-option name="hashAlgorithm">SHA-1</module-option> -->
<!-- <module-option name="digestCallback">com.myclass.MyDigestCallback</module-option>-->
</login-module>
</authentication>
</application-policy>
Answer 2 (score: 0)
From your example, you need to use the DatabaseServerLoginModule implementation for authentication:
I hope this helps you.